Gość: grazka
IP: *.Kuso.osi.pl
06.05.05, 17:28
jeszcze nie usunelam wszystkiego co powinnam - a dzis znowu- atak wirusow!!!
Kilka rzeczy HijacThis - usunełam- ale innych boję sie - bo nie wiem. Mialam
na pulpicie rozne ikonki - ale to wywalilam. Teraz co pojawiaja sie dziwne
komunikaty np.o zagrozeniu . Avast- nie potrafil przeskanowac 3 plikow- i
pewnie tam "cos" tkwi. W dodatku- co chwile wylancza sie internet .Blagam
pomozcie !!!!
ogfile of HijackThis v1.99.0
Scan saved at 16:48:53, on 2005-05-06
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\popuper.exe
C:\WINDOWS\System32\msole32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\intmonp.exe
C:\PROGRA~1\GADU-G~1\gg.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Grazyna\Ustawienia lokalne\Temp\Katalog tymczasowy
9 dla hijackthis1.99.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ActiveX Control - {85A0FA4F-299C-4809-993A-ACF646A2EB9F} -
C:\WINDOWS\System32\mssij.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [uUW80+żÔÇč]Iú" ‹üžiC:\Program Files\ISTsvc\istsvc.exe]
C:\WINDOWS\lvascppp.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [MSN Messenger] C:\WINDOWS\System32\msmsgs.exe
O4 - HKLM\..\Run: [Security iGuard] C:\Program Files\Security iGuard\Security
iGuard.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRA~1\GADU-G~1\gg.exe" /tray
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1105892588046
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2F9C0CC3-DB07-4219-AC65-
45A128789980}: NameServer = 69.50.184.86,195.225.176.110
O17 - HKLM\System\CCS\Services\Tcpip\..\{94C41D8E-6389-4532-9194-
32D1073ED7FA}: NameServer = 69.50.184.86,195.225.176.110
O17 - HKLM\System\CCS\Services\Tcpip\..\{E90BCB0C-1D3E-4C84-A63A-
590933C5E211}: NameServer = 69.50.184.86,195.225.176.110
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F9C0CC3-DB07-4219-AC65-
45A128789980}: NameServer = 69.50.184.86,195.225.176.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{2F9C0CC3-DB07-4219-AC65-
45A128789980}: NameServer = 69.50.184.86,195.225.176.110
O23 - Service: avast! iAVS4 Control Service - Unknown - C:\Program
Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe